CVE-2025-60684

moderate-risk

Published 2025-11-13

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB (V9.1.0u.6619_B20230130) and NR1800X (V9.1.0u.6681_B20230703) Router firmware within the cstecgi.cgi binary (sub_42F32C function). The web interface reads the "lang" parameter and constructs Help URL strings using sprintf() into fixed-size stack buffers without proper length validation. Maliciously crafted input can overflow these buffers, potentially leading to arbitrary code execution or memory corruption, without requiring authentication.

Do I need to act?

0.36% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 6.5/10 Medium

NETWORK / LOW complexity

Affected Products (2)

Lr1200Gb Firmware

Nr1800X Firmware

Affected Vendors

Totolink

References (3)

Broken Link http://totolink.com

Exploit https://github.com/yifan20020708/SGTaint-0-day/blob/main/ToToLink/ToToLink-LR120...

Product https://www.totolink.net/

/ 100

moderate-risk

Severity 24/34 · High

Exploitability 1/34 · Minimal

Exposure 7/34 · Low